[Ksplice][Ubuntu-12.10-Updates] New updates available via Ksplice (USN-1972-1)
Oracle Ksplice
ksplice-support_ww at oracle.com
Fri Sep 27 11:07:12 PDT 2013
Synopsis: USN-1972-1 can now be patched using Ksplice
CVEs: CVE-2013-1819 CVE-2013-2237
Systems running Ubuntu 12.10 Quantal can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-1972-1.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack on Ubuntu 12.10 Quantal
install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
DESCRIPTION
* Heap buffer overflow when reading "pagemap" procfs file.
The kernel does not correctly allocate a temporary buffer when reading from the
"pagemap" procfs file, leading to a kernel heap overflow and possible code
execution.
* NULL pointer dereference in Keyspan USB-to-serial driver.
A NULL pointer dereference and kernel panic can be triggered if a memory
allocation fails when attaching a Keyspan USB device.
* Use-after-free in ext4 metadata error path.
If an error is encountered when writing dirty ext4 metadata to disk, a use-after-
free condition can be triggered causing a kernel panic.
* Deadlock in NILFS2 segment buffer processing.
Incorrect reference counting in the NILFS2 filesystem driver when processing
segment buffers can trigger a deadlock causing a kernel panic.
* NULL pointer in Wireless USB data transfer.
A NULL pointer dereference and kernel panic can be triggered when disconnecting
a wireless USB device while transferring data.
* Kernel panic in removable memory sysfs interface.
When showing the contents of the /sys/devices/system/memory/memory*/removable
sysfs file, the kernel does not validate that all memory sections are present
causing a kernel panic.
* System hang in zram swap free under high memory pressure.
Incorrect locking in the zram swap freeing path could result in a system
hang when the system is under high memory pressure.
* CVE-2013-2237: Information leak on IPSec key socket.
Incorrect initialization on policy flushing could leak kernel stack
bytes to userspace.
* CVE-2013-1819: Denial-of-service in XFS filesystems.
Incorrect validation of block numbers could allow local users to cause a
denial-of-service (NULL pointer dereference and system crash) or
possibly have unspecified other impact by leveraging the ability to
mount an XFS filesystem containing a metadata inode with an invalid
extent map.
* Improved fix for 'Unlimited stack ASLR bypass on 64-bit systems'.
The original update for 'Unlimited stack ASLR bypass on 64-bit systems' did not
correctly handle randomising the stack causing compatibility issues with some
existing user-mode programs. This update corrects the issue.
* NULL pointer dereference in Intel wireless driver.
A NULL pointer dereference can be trigged in the iwlwifi driver when
doing a channel switch. This can lead to a kernel panic.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.
More information about the Ksplice-Ubuntu-12.10-Updates
mailing list